SendTopic.php 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2011 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.0
  11. */
  12. if (!defined('SMF'))
  13. die('Hacking attempt...');
  14. /* The functions in this file deal with sending topics to a friend or
  15. moderator, and those functions are:
  16. void SendTopic()
  17. - sends information about a topic to a friend.
  18. - uses the SendTopic template, with the main sub template.
  19. - requires the send_topic permission.
  20. - redirects back to the first page of the topic when done.
  21. - is accessed via ?action=emailuser;sa=sendtopic.
  22. void CustomEmail()
  23. - send an email to the user - allow the sender to write the message.
  24. - can either be passed a user ID as uid or a message id as msg.
  25. - does not check permissions for a message ID as there is no information disclosed.
  26. void ReportToModerator()
  27. - gathers data from the user to report abuse to the moderator(s).
  28. - uses the ReportToModerator template, main sub template.
  29. - requires the report_any permission.
  30. - uses ReportToModerator2() if post data was sent.
  31. - accessed through ?action=reporttm.
  32. void ReportToModerator2()
  33. - sends off emails to all the moderators.
  34. - sends to administrators and global moderators. (1 and 2)
  35. - called by ReportToModerator(), and thus has the same permission
  36. and setting requirements as it does.
  37. - accessed through ?action=reporttm when posting.
  38. */
  39. // The main handling function for sending specialist (Or otherwise) emails to a user.
  40. function EmailUser()
  41. {
  42. global $topic, $txt, $context, $scripturl, $sourcedir, $smcFunc;
  43. // Don't index anything here.
  44. $context['robot_no_index'] = true;
  45. // Load the template.
  46. loadTemplate('SendTopic');
  47. $sub_actions = array(
  48. 'email' => 'CustomEmail',
  49. 'sendtopic' => 'SendTopic',
  50. );
  51. if (!isset($_GET['sa']) || !isset($sub_actions[$_GET['sa']]))
  52. $_GET['sa'] = 'sendtopic';
  53. $sub_actions[$_GET['sa']]();
  54. }
  55. // Send a topic to a friend.
  56. function SendTopic()
  57. {
  58. global $topic, $txt, $context, $scripturl, $sourcedir, $smcFunc, $modSettings;
  59. // Check permissions...
  60. isAllowedTo('send_topic');
  61. // We need at least a topic... go away if you don't have one.
  62. if (empty($topic))
  63. fatal_lang_error('not_a_topic', false);
  64. // Get the topic's subject.
  65. $request = $smcFunc['db_query']('', '
  66. SELECT m.subject, t.approved
  67. FROM {db_prefix}topics AS t
  68. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  69. WHERE t.id_topic = {int:current_topic}
  70. LIMIT 1',
  71. array(
  72. 'current_topic' => $topic,
  73. )
  74. );
  75. if ($smcFunc['db_num_rows']($request) == 0)
  76. fatal_lang_error('not_a_topic', false);
  77. $row = $smcFunc['db_fetch_assoc']($request);
  78. $smcFunc['db_free_result']($request);
  79. // Can't send topic if its unapproved and using post moderation.
  80. if ($modSettings['postmod_active'] && !$row['approved'])
  81. fatal_lang_error('not_approved_topic', false);
  82. // Censor the subject....
  83. censorText($row['subject']);
  84. // Sending yet, or just getting prepped?
  85. if (empty($_POST['send']))
  86. {
  87. $context['page_title'] = sprintf($txt['sendtopic_title'], $row['subject']);
  88. $context['start'] = $_REQUEST['start'];
  89. return;
  90. }
  91. // Actually send the message...
  92. checkSession();
  93. spamProtection('sendtopc');
  94. // This is needed for sendmail().
  95. require_once($sourcedir . '/Subs-Post.php');
  96. // Trim the names..
  97. $_POST['y_name'] = trim($_POST['y_name']);
  98. $_POST['r_name'] = trim($_POST['r_name']);
  99. // Make sure they aren't playing "let's use a fake email".
  100. if ($_POST['y_name'] == '_' || !isset($_POST['y_name']) || $_POST['y_name'] == '')
  101. fatal_lang_error('no_name', false);
  102. if (!isset($_POST['y_email']) || $_POST['y_email'] == '')
  103. fatal_lang_error('no_email', false);
  104. if (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $_POST['y_email']) == 0)
  105. fatal_lang_error('email_invalid_character', false);
  106. // The receiver should be valid to.
  107. if ($_POST['r_name'] == '_' || !isset($_POST['r_name']) || $_POST['r_name'] == '')
  108. fatal_lang_error('no_name', false);
  109. if (!isset($_POST['r_email']) || $_POST['r_email'] == '')
  110. fatal_lang_error('no_email', false);
  111. if (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $_POST['r_email']) == 0)
  112. fatal_lang_error('email_invalid_character', false);
  113. // Emails don't like entities...
  114. $row['subject'] = un_htmlspecialchars($row['subject']);
  115. $replacements = array(
  116. 'TOPICSUBJECT' => $row['subject'],
  117. 'SENDERNAME' => $_POST['y_name'],
  118. 'RECPNAME' => $_POST['r_name'],
  119. 'TOPICLINK' => $scripturl . '?topic=' . $topic . '.0',
  120. );
  121. $emailtemplate = 'send_topic';
  122. if (!empty($_POST['comment']))
  123. {
  124. $emailtemplate .= '_comment';
  125. $replacements['COMMENT'] = $_POST['comment'];
  126. }
  127. $emaildata = loadEmailTemplate($emailtemplate, $replacements);
  128. // And off we go!
  129. sendmail($_POST['r_email'], $emaildata['subject'], $emaildata['body'], $_POST['y_email']);
  130. // Back to the topic!
  131. redirectexit('topic=' . $topic . '.0');
  132. }
  133. // Allow a user to send an email.
  134. function CustomEmail()
  135. {
  136. global $context, $modSettings, $user_info, $smcFunc, $txt, $scripturl, $sourcedir;
  137. // Can the user even see this information?
  138. if ($user_info['is_guest'] && !empty($modSettings['guest_hideContacts']))
  139. fatal_lang_error('no_access', false);
  140. // Are we sending to a user?
  141. $context['form_hidden_vars'] = array();
  142. if (isset($_REQUEST['uid']))
  143. {
  144. $request = $smcFunc['db_query']('', '
  145. SELECT email_address AS email, real_name AS name, id_member, hide_email
  146. FROM {db_prefix}members
  147. WHERE id_member = {int:id_member}',
  148. array(
  149. 'id_member' => (int) $_REQUEST['uid'],
  150. )
  151. );
  152. $context['form_hidden_vars']['uid'] = (int) $_REQUEST['uid'];
  153. }
  154. elseif (isset($_REQUEST['msg']))
  155. {
  156. $request = $smcFunc['db_query']('', '
  157. SELECT IFNULL(mem.email_address, m.poster_email) AS email, IFNULL(mem.real_name, m.poster_name) AS name, IFNULL(mem.id_member, 0) AS id_member, hide_email
  158. FROM {db_prefix}messages AS m
  159. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  160. WHERE m.id_msg = {int:id_msg}',
  161. array(
  162. 'id_msg' => (int) $_REQUEST['msg'],
  163. )
  164. );
  165. $context['form_hidden_vars']['msg'] = (int) $_REQUEST['msg'];
  166. }
  167. if (empty($request) || $smcFunc['db_num_rows']($request) == 0)
  168. fatal_lang_error('cant_find_user_email');
  169. $row = $smcFunc['db_fetch_assoc']($request);
  170. $smcFunc['db_free_result']($request);
  171. // Are you sure you got the address?
  172. if (empty($row['email']))
  173. fatal_lang_error('cant_find_user_email');
  174. // Can they actually do this?
  175. $context['show_email_address'] = showEmailAddress(!empty($row['hide_email']), $row['id_member']);
  176. if ($context['show_email_address'] === 'no')
  177. fatal_lang_error('no_access', false);
  178. // Setup the context!
  179. $context['recipient'] = array(
  180. 'id' => $row['id_member'],
  181. 'name' => $row['name'],
  182. 'email' => $row['email'],
  183. 'email_link' => ($context['show_email_address'] == 'yes_permission_override' ? '<em>' : '') . '<a href="mailto:' . $row['email'] . '">' . $row['email'] . '</a>' . ($context['show_email_address'] == 'yes_permission_override' ? '</em>' : ''),
  184. 'link' => $row['id_member'] ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['name'] . '</a>' : $row['name'],
  185. );
  186. // Can we see this person's email address?
  187. $context['can_view_receipient_email'] = $context['show_email_address'] == 'yes' || $context['show_email_address'] == 'yes_permission_override';
  188. // Are we actually sending it?
  189. if (isset($_POST['send']) && isset($_POST['email_body']))
  190. {
  191. require_once($sourcedir . '/Subs-Post.php');
  192. checkSession();
  193. // If it's a guest sort out their names.
  194. if ($user_info['is_guest'])
  195. {
  196. if (empty($_POST['y_name']) || $_POST['y_name'] == '_' || trim($_POST['y_name']) == '')
  197. fatal_lang_error('no_name', false);
  198. if (empty($_POST['y_email']))
  199. fatal_lang_error('no_email', false);
  200. if (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $_POST['y_email']) == 0)
  201. fatal_lang_error('email_invalid_character', false);
  202. $from_name = trim($_POST['y_name']);
  203. $from_email = trim($_POST['y_email']);
  204. }
  205. else
  206. {
  207. $from_name = $user_info['name'];
  208. $from_email = $user_info['email'];
  209. }
  210. // Check we have a body (etc).
  211. if (trim($_POST['email_body']) == '' || trim($_POST['email_subject']) == '')
  212. fatal_lang_error('email_missing_data');
  213. // We use a template in case they want to customise!
  214. $replacements = array(
  215. 'EMAILSUBJECT' => $_POST['email_subject'],
  216. 'EMAILBODY' => $_POST['email_body'],
  217. 'SENDERNAME' => $from_name,
  218. 'RECPNAME' => $context['recipient']['name'],
  219. );
  220. // Don't let them send too many!
  221. spamProtection('sendmail');
  222. // Get the template and get out!
  223. $emaildata = loadEmailTemplate('send_email', $replacements);
  224. sendmail($context['recipient']['email'], $emaildata['subject'], $emaildata['body'], $from_email, null, false, 1, null, true);
  225. // Now work out where to go!
  226. if (isset($_REQUEST['uid']))
  227. redirectexit('action=profile;u=' . (int) $_REQUEST['uid']);
  228. elseif (isset($_REQUEST['msg']))
  229. redirectexit('msg=' . (int) $_REQUEST['msg']);
  230. else
  231. redirectexit();
  232. }
  233. $context['sub_template'] = 'custom_email';
  234. $context['page_title'] = $txt['send_email'];
  235. }
  236. // Report a post to the moderator... ask for a comment.
  237. function ReportToModerator()
  238. {
  239. global $txt, $topic, $sourcedir, $modSettings, $user_info, $context, $smcFunc;
  240. $context['robot_no_index'] = true;
  241. // You can't use this if it's off or you are not allowed to do it.
  242. isAllowedTo('report_any');
  243. // If they're posting, it should be processed by ReportToModerator2.
  244. if ((isset($_POST[$context['session_var']]) || isset($_POST['submit'])) && empty($context['post_errors']))
  245. ReportToModerator2();
  246. // We need a message ID to check!
  247. if (empty($_REQUEST['msg']) && empty($_REQUEST['mid']))
  248. fatal_lang_error('no_access', false);
  249. // For compatibility, accept mid, but we should be using msg. (not the flavor kind!)
  250. $_REQUEST['msg'] = empty($_REQUEST['msg']) ? (int) $_REQUEST['mid'] : (int) $_REQUEST['msg'];
  251. // Check the message's ID - don't want anyone reporting a post they can't even see!
  252. $result = $smcFunc['db_query']('', '
  253. SELECT m.id_msg, m.id_member, t.id_member_started
  254. FROM {db_prefix}messages AS m
  255. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
  256. WHERE m.id_msg = {int:id_msg}
  257. AND m.id_topic = {int:current_topic}
  258. LIMIT 1',
  259. array(
  260. 'current_topic' => $topic,
  261. 'id_msg' => $_REQUEST['msg'],
  262. )
  263. );
  264. if ($smcFunc['db_num_rows']($result) == 0)
  265. fatal_lang_error('no_board', false);
  266. list ($_REQUEST['msg'], $member, $starter) = $smcFunc['db_fetch_row']($result);
  267. $smcFunc['db_free_result']($result);
  268. // Do we need to show the visual verification image?
  269. $context['require_verification'] = $user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha']);
  270. if ($context['require_verification'])
  271. {
  272. require_once($sourcedir . '/Subs-Editor.php');
  273. $verificationOptions = array(
  274. 'id' => 'report',
  275. );
  276. $context['require_verification'] = create_control_verification($verificationOptions);
  277. $context['visual_verification_id'] = $verificationOptions['id'];
  278. }
  279. // Show the inputs for the comment, etc.
  280. loadLanguage('Post');
  281. loadTemplate('SendTopic');
  282. $context['comment_body'] = !isset($_POST['comment']) ? '' : trim($_POST['comment']);
  283. $context['email_address'] = !isset($_POST['email']) ? '' : trim($_POST['email']);
  284. // This is here so that the user could, in theory, be redirected back to the topic.
  285. $context['start'] = $_REQUEST['start'];
  286. $context['message_id'] = $_REQUEST['msg'];
  287. $context['page_title'] = $txt['report_to_mod'];
  288. $context['sub_template'] = 'report';
  289. }
  290. // Send the emails.
  291. function ReportToModerator2()
  292. {
  293. global $txt, $scripturl, $topic, $board, $user_info, $modSettings, $sourcedir, $language, $context, $smcFunc;
  294. // You must have the proper permissions!
  295. isAllowedTo('report_any');
  296. // Make sure they aren't spamming.
  297. spamProtection('reporttm');
  298. require_once($sourcedir . '/Subs-Post.php');
  299. // No errors, yet.
  300. $post_errors = array();
  301. // Check their session.
  302. if (checkSession('post', '', false) != '')
  303. $post_errors[] = 'session_timeout';
  304. // Make sure we have a comment and it's clean.
  305. if (!isset($_POST['comment']) || $smcFunc['htmltrim']($_POST['comment']) === '')
  306. $post_errors[] = 'no_comment';
  307. $poster_comment = strtr($smcFunc['htmlspecialchars']($_POST['comment']), array("\r" => '', "\n" => '', "\t" => ''));
  308. // Guests need to provide their address!
  309. if ($user_info['is_guest'])
  310. {
  311. $_POST['email'] = !isset($_POST['email']) ? '' : trim($_POST['email']);
  312. if ($_POST['email'] === '')
  313. $post_errors[] = 'no_email';
  314. elseif (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $_POST['email']) == 0)
  315. $post_errors[] = 'bad_email';
  316. isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
  317. $user_info['email'] = htmlspecialchars($_POST['email']);
  318. }
  319. // Could they get the right verification code?
  320. if ($user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha']))
  321. {
  322. require_once($sourcedir . '/Subs-Editor.php');
  323. $verificationOptions = array(
  324. 'id' => 'report',
  325. );
  326. $context['require_verification'] = create_control_verification($verificationOptions, true);
  327. if (is_array($context['require_verification']))
  328. $post_errors = array_merge($post_errors, $context['require_verification']);
  329. }
  330. // Any errors?
  331. if (!empty($post_errors))
  332. {
  333. loadLanguage('Errors');
  334. $context['post_errors'] = array();
  335. foreach ($post_errors as $post_error)
  336. $context['post_errors'][] = $txt['error_' . $post_error];
  337. return ReportToModerator();
  338. }
  339. // Get the basic topic information, and make sure they can see it.
  340. $_POST['msg'] = (int) $_POST['msg'];
  341. $request = $smcFunc['db_query']('', '
  342. SELECT m.id_topic, m.id_board, m.subject, m.body, m.id_member AS id_poster, m.poster_name, mem.real_name
  343. FROM {db_prefix}messages AS m
  344. LEFT JOIN {db_prefix}members AS mem ON (m.id_member = mem.id_member)
  345. WHERE m.id_msg = {int:id_msg}
  346. AND m.id_topic = {int:current_topic}
  347. LIMIT 1',
  348. array(
  349. 'current_topic' => $topic,
  350. 'id_msg' => $_POST['msg'],
  351. )
  352. );
  353. if ($smcFunc['db_num_rows']($request) == 0)
  354. fatal_lang_error('no_board', false);
  355. $message = $smcFunc['db_fetch_assoc']($request);
  356. $smcFunc['db_free_result']($request);
  357. $poster_name = un_htmlspecialchars($message['real_name']) . ($message['real_name'] != $message['poster_name'] ? ' (' . $message['poster_name'] . ')' : '');
  358. $reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : '');
  359. $subject = un_htmlspecialchars($message['subject']);
  360. // Get a list of members with the moderate_board permission.
  361. require_once($sourcedir . '/Subs-Members.php');
  362. $moderators = membersAllowedTo('moderate_board', $board);
  363. $request = $smcFunc['db_query']('', '
  364. SELECT id_member, email_address, lngfile, mod_prefs
  365. FROM {db_prefix}members
  366. WHERE id_member IN ({array_int:moderator_list})
  367. AND notify_types != {int:notify_types}
  368. ORDER BY lngfile',
  369. array(
  370. 'moderator_list' => $moderators,
  371. 'notify_types' => 4,
  372. )
  373. );
  374. // Check that moderators do exist!
  375. if ($smcFunc['db_num_rows']($request) == 0)
  376. fatal_lang_error('no_mods', false);
  377. // If we get here, I believe we should make a record of this, for historical significance, yabber.
  378. if (empty($modSettings['disable_log_report']))
  379. {
  380. $request2 = $smcFunc['db_query']('', '
  381. SELECT id_report, ignore_all
  382. FROM {db_prefix}log_reported
  383. WHERE id_msg = {int:id_msg}
  384. AND (closed = {int:not_closed} OR ignore_all = {int:ignored})
  385. ORDER BY ignore_all DESC',
  386. array(
  387. 'id_msg' => $_POST['msg'],
  388. 'not_closed' => 0,
  389. 'ignored' => 1,
  390. )
  391. );
  392. if ($smcFunc['db_num_rows']($request2) != 0)
  393. list ($id_report, $ignore) = $smcFunc['db_fetch_row']($request2);
  394. $smcFunc['db_free_result']($request2);
  395. // If we're just going to ignore these, then who gives a monkeys...
  396. if (!empty($ignore))
  397. redirectexit('topic=' . $topic . '.msg' . $_POST['msg'] . '#msg' . $_POST['msg']);
  398. // Already reported? My god, we could be dealing with a real rogue here...
  399. if (!empty($id_report))
  400. $smcFunc['db_query']('', '
  401. UPDATE {db_prefix}log_reported
  402. SET num_reports = num_reports + 1, time_updated = {int:current_time}
  403. WHERE id_report = {int:id_report}',
  404. array(
  405. 'current_time' => time(),
  406. 'id_report' => $id_report,
  407. )
  408. );
  409. // Otherwise, we shall make one!
  410. else
  411. {
  412. if (empty($message['real_name']))
  413. $message['real_name'] = $message['poster_name'];
  414. $smcFunc['db_insert']('',
  415. '{db_prefix}log_reported',
  416. array(
  417. 'id_msg' => 'int', 'id_topic' => 'int', 'id_board' => 'int', 'id_member' => 'int', 'membername' => 'string',
  418. 'subject' => 'string', 'body' => 'string', 'time_started' => 'int', 'time_updated' => 'int',
  419. 'num_reports' => 'int', 'closed' => 'int',
  420. ),
  421. array(
  422. $_POST['msg'], $message['id_topic'], $message['id_board'], $message['id_poster'], $message['real_name'],
  423. $message['subject'], $message['body'] , time(), time(), 1, 0,
  424. ),
  425. array('id_report')
  426. );
  427. $id_report = $smcFunc['db_insert_id']('{db_prefix}log_reported', 'id_report');
  428. }
  429. // Now just add our report...
  430. if ($id_report)
  431. {
  432. $smcFunc['db_insert']('',
  433. '{db_prefix}log_reported_comments',
  434. array(
  435. 'id_report' => 'int', 'id_member' => 'int', 'membername' => 'string', 'email_address' => 'string',
  436. 'member_ip' => 'string', 'comment' => 'string', 'time_sent' => 'int',
  437. ),
  438. array(
  439. $id_report, $user_info['id'], $user_info['name'], $user_info['email'],
  440. $user_info['ip'], $poster_comment, time(),
  441. ),
  442. array('id_comment')
  443. );
  444. }
  445. }
  446. // Find out who the real moderators are - for mod preferences.
  447. $request2 = $smcFunc['db_query']('', '
  448. SELECT id_member
  449. FROM {db_prefix}moderators
  450. WHERE id_board = {int:current_board}',
  451. array(
  452. 'current_board' => $board,
  453. )
  454. );
  455. $real_mods = array();
  456. while ($row = $smcFunc['db_fetch_assoc']($request2))
  457. $real_mods[] = $row['id_member'];
  458. $smcFunc['db_free_result']($request2);
  459. // Send every moderator an email.
  460. while ($row = $smcFunc['db_fetch_assoc']($request))
  461. {
  462. // Maybe they don't want to know?!
  463. if (!empty($row['mod_prefs']))
  464. {
  465. list(,, $pref_binary) = explode('|', $row['mod_prefs']);
  466. if (!($pref_binary & 1) && (!($pref_binary & 2) || !in_array($row['id_member'], $real_mods)))
  467. continue;
  468. }
  469. $replacements = array(
  470. 'TOPICSUBJECT' => $subject,
  471. 'POSTERNAME' => $poster_name,
  472. 'REPORTERNAME' => $reporterName,
  473. 'TOPICLINK' => $scripturl . '?topic=' . $topic . '.msg' . $_POST['msg'] . '#msg' . $_POST['msg'],
  474. 'REPORTLINK' => !empty($id_report) ? $scripturl . '?action=moderate;area=reports;report=' . $id_report : '',
  475. 'COMMENT' => $_POST['comment'],
  476. );
  477. $emaildata = loadEmailTemplate('report_to_moderator', $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
  478. // Send it to the moderator.
  479. sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], $user_info['email'], null, false, 2);
  480. }
  481. $smcFunc['db_free_result']($request);
  482. // Keep track of when the mod reports get updated, that way we know when we need to look again.
  483. updateSettings(array('last_mod_report_action' => time()));
  484. // Back to the post we reported!
  485. redirectexit('reportsent;topic=' . $topic . '.msg' . $_POST['msg'] . '#msg' . $_POST['msg']);
  486. }
  487. ?>